forked from kiali/kiali
-
Notifications
You must be signed in to change notification settings - Fork 0
/
kiali_test.go
90 lines (80 loc) · 2.24 KB
/
kiali_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
package main
import (
"math/rand"
"testing"
"time"
"github.com/kiali/kiali/config"
"github.com/kiali/kiali/util"
)
func TestValidateWebRoot(t *testing.T) {
// create a base config that we know is valid
rand.Seed(time.Now().UnixNano())
conf := config.NewConfig()
conf.LoginToken.SigningKey = util.RandomString(16)
conf.Server.StaticContentRootDirectory = "."
conf.Auth.Strategy = "anonymous"
// now test some web roots, both valid ones and invalid ones
validWebRoots := []string{
"/",
"/kiali",
"/abc/clustername/api/v1/namespaces/istio-system/services/kiali:80/proxy/kiali",
"/a/0/-/./_/~/!/$/&/'/(/)/*/+/,/;/=/:/@/%aa",
"/kiali0-._~!$&'()*+,;=:@%aa",
}
invalidWebRoots := []string{
"/kiali/",
"kiali/",
"/^kiali",
"/foo/../bar",
"/../bar",
"../bar",
}
for _, webroot := range validWebRoots {
conf.Server.WebRoot = webroot
config.Set(conf)
if err := validateConfig(); err != nil {
t.Errorf("Web root validation should have succeeded for [%v]: %v", conf.Server.WebRoot, err)
}
}
for _, webroot := range invalidWebRoots {
conf.Server.WebRoot = webroot
config.Set(conf)
if err := validateConfig(); err == nil {
t.Errorf("Web root validation should have failed [%v]", conf.Server.WebRoot)
}
}
}
func TestValidateAuthStrategy(t *testing.T) {
// create a base config that we know is valid
rand.Seed(time.Now().UnixNano())
conf := config.NewConfig()
conf.LoginToken.SigningKey = util.RandomString(16)
conf.Server.StaticContentRootDirectory = "."
// now test some auth strategies, both valid ones and invalid ones
validStrategies := []string{
config.AuthStrategyAnonymous,
config.AuthStrategyOpenId,
config.AuthStrategyOpenshift,
config.AuthStrategyToken,
}
invalidStrategies := []string{
"login",
"ldap",
"",
"foo",
}
for _, strategies := range validStrategies {
conf.Auth.Strategy = strategies
config.Set(conf)
if err := validateConfig(); err != nil {
t.Errorf("Auth Strategy validation should have succeeded for [%v]: %v", conf.Auth.Strategy, err)
}
}
for _, strategies := range invalidStrategies {
conf.Auth.Strategy = strategies
config.Set(conf)
if err := validateConfig(); err == nil {
t.Errorf("Auth Strategy validation should have failed [%v]", conf.Auth.Strategy)
}
}
}